Skip to content

Home

Jump to bottom
Sly Technologies edited this page Apr 14, 2023 · 12 revisions

Welcome to the jnetpcap-pro wiki!

About Protocol Packs

Due to the large number of network protocols available and modeled by Sly Techs network libraries, various groups of related protocols have been broken up in to different modules called Protocol Packs. The base module, the core-protocols provides both protocol related runtime support as well as the Core Protocol Pack consisting of numerous commonly found protocols in any network such as Address Resolution Protocol, Spanning Tree Protocol, Internet group Menagement Protocol, ETHERNET/IP/TCP/UDP and so on.

A small protocol pack API found in package com.slytechs.protocol.pack, has been added to core-protocols module for management of all protocol packs. This API allows detection and loading of other protocol packs at runtime during initializtion.

As an example here is how you can list the status of all available protocol packs:

Pack.listAllDeclaredPacks().forEach(System.out::println);

Will show something like this:

Pack [name="core"           ( 0/0x000), loaded=71 definitions]
Pack [name="options"        ( 1/0x040), loaded=46 definitions]
Pack [name="media"          ( 2/0x080), <pack not loaded>]
Pack [name="web"            ( 3/0x0C0), <pack not loaded but detected>]
Pack [name="telco"          ( 4/0x100), <pack not loaded>]
Pack [name="lte"            ( 5/0x140), <pack not loaded>]
Pack [name="database"       ( 6/0x180), <pack not loaded>]
Pack [name="microsoft"      ( 7/0x1C0), <pack not loaded>]
Pack [name="authentication" ( 8/0x200), <pack not loaded>]

This output shows that the "core" pack is loaded with a bunch of protocol definitions and that the "web" pack is detected on VM's module path but wasn't loaded. Packs can be loaded with Pack.loadAllDetectedPacks(). If executed, the previously generated output will immediately be different:

Pack [name="core"           ( 0/0x000), loaded=71 definitions]
Pack [name="options"        ( 1/0x040), loaded=46 definitions]
Pack [name="media"          ( 2/0x080), <pack not loaded>]
Pack [name="web"            ( 3/0x0C0), loaded= 13 definitions]
Pack [name="telco"          ( 4/0x100), <pack not loaded>]
...

Protocol packs serve several vital services.

First, individual packs provide the protocol definitions, of which, the most important components are the protocol headers (ie. protocol classes that extends Header class).

Secondly, packs export protocol dissectors so that when packets are received, they can be dissected into its individual header components. New protocol dissectors are loaded from packs to extend functionality of the main dissectors.

Thirdly, numerous protocol specific services are also part of protocol packs such as IP fragmentation reassembly for IP protocols, TCP/SCTP/UDP stream reassembly for others, various CODECs for video and audio, and thousands of constants and even full IANA tables which can be used to lookup values.

Clone this wiki locally